NSA - MS17-010: Difference between revisions

From ICO wiki
Jump to navigationJump to search
Lphanvan (talk | contribs)
Lphanvan (talk | contribs)
Line 1: Line 1:
== Microsoft Security Bulletin MS17-010 - NSA Tool leak ==
== Microsoft Security Bulletin MS17-010 - NSA Tool leak ==
=== Introduction ===
At last April 8, TheShadowBrokers has published a bunch of tools that was stolen from the NSA Arsenal
Hacker Tools. A Github repository is the following: https://github.com/misterch0c/shadowbroker.
In this paper, we’ll focus on ETERNALBLUE exploit for Microsoft Windows and the plugin
DOUBLEPULSAR. To leverage these “fantastic” codes, we’ll be using FUZZBUNCH, The NSA’s
“Metasploit”
=== Setup Environment ===
=== Setup Environment ===



Revision as of 18:29, 30 April 2017

Microsoft Security Bulletin MS17-010 - NSA Tool leak

Introduction

At last April 8, TheShadowBrokers has published a bunch of tools that was stolen from the NSA Arsenal Hacker Tools. A Github repository is the following: https://github.com/misterch0c/shadowbroker. In this paper, we’ll focus on ETERNALBLUE exploit for Microsoft Windows and the plugin DOUBLEPULSAR. To leverage these “fantastic” codes, we’ll be using FUZZBUNCH, The NSA’s “Metasploit”

Setup Environment

Attacker:

- Windows 7 ( To execute NSA tool )

- Kali Linux ( To generate DLL file and being a listener )

Victim:

- Windows 7/SVR2008